EPSS
Percentile
30.8%
TYPO3 is vulnerable to information disclosure. The vulnerability exists because the response time during user authentication is not properly handled which allows an attacker to gain access to the existing and non-existing user account information.
github.com/TYPO3-CMS/core/commit/178a33cab80a1635ba5e4146f00855a56794a604
github.com/TYPO3/typo3/commit/f8b83ce15d4ea275a5a5e564e5d324242f7937b6
github.com/TYPO3/typo3/security/advisories/GHSA-m392-235j-9r7r
typo3.org/security/advisory/typo3-core-sa-2022-007